CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/pypi-aws-requests-auth

AWS signature version 4 signing process for the python requests module

84

1.10x
Overview
Eval results
Files

task.mdevals/scenario-9/

AWS Signature Verifier

A tool that verifies AWS API request signatures by implementing the AWS Signature Version 4 key derivation process.

Capabilities

Derives signing keys

  • Given AWS credentials (access key "AKIAIOSFODNN7EXAMPLE", secret key "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"), date "20150830", region "us-east-1", and service "iam", derives the correct signing key @test
  • Given different credentials with date "20231215", region "eu-west-1", and service "s3", derives the correct signing key @test

Validates signature keys

  • Compares a given signature key against an expected value and returns True if they match @test
  • Compares a given signature key against an expected value and returns False if they don't match @test

Implementation

@generates

API

def derive_signing_key(secret_key: str, date: str, region: str, service: str) -> bytes:
    """
    Derives an AWS Signature Version 4 signing key.

    Implements the multi-stage HMAC-SHA256 signing process:
    1. kSecret = secret_key
    2. kDate = HMAC-SHA256(kSecret, date)
    3. kRegion = HMAC-SHA256(kDate, region)
    4. kService = HMAC-SHA256(kRegion, service)
    5. kSigning = HMAC-SHA256(kService, "aws4_request")

    Args:
        secret_key: AWS secret access key
        date: Date in YYYYMMDD format
        region: AWS region (e.g., "us-east-1")
        service: AWS service name (e.g., "s3", "iam")

    Returns:
        The derived signing key as bytes
    """
    pass

def validate_signing_key(derived_key: bytes, expected_key: bytes) -> bool:
    """
    Validates that a derived signing key matches an expected key.

    Args:
        derived_key: The signing key that was derived
        expected_key: The expected signing key value

    Returns:
        True if the keys match, False otherwise
    """
    pass

Dependencies { .dependencies }

aws-requests-auth { .dependency }

Provides AWS Signature Version 4 authentication support, including signature key derivation functionality.

@satisfied-by

Install with Tessl CLI

npx tessl i tessl/pypi-aws-requests-auth

evals

scenario-9

rubric.json

task.md

tile.json